Document format: text/plain

############################## | UsbFix V 7.163 | [Suppression]

Utilisateur: CC (Administrateur) # CÉLINE
Mis à jour le 02/02/2014 par El Desaparecido - Team SosVirus
Lancé à 21:54:04 | 03/02/2014

Site Web : http://www.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: NEC COMPUTERS INTERNATIONAL (NEC Versa Premium )
CPU: AMD Turion(tm) 64 Mobile Technology ML-30
RAM -> [Total : 959 Mo| Free : 617 Mo]
Bios: Insyde Software
Boot: Normal boot

OS: Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) Service Pack 3
WB: Windows Internet Explorer : 8.0.6001.18702
WB: Google Chrome : 32.0.1700.102
WB: Mozilla Firefox : 18.0.1

SC: Security Center [Enabled]
WU: Windows Update [Enabled]

FW: Windows FireWall [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 71 Go (34 Go libre(s) - 48%) [HDD] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM

################## | Processus Actif |

C:\WINDOWS\System32\smss.exe (ID: 696 |ParentID: 4)
C:\WINDOWS\system32\winlogon.exe (ID: 768 |ParentID: 696)
C:\WINDOWS\system32\services.exe (ID: 820 |ParentID: 768)
C:\WINDOWS\system32\lsass.exe (ID: 832 |ParentID: 768)
C:\WINDOWS\system32\svchost.exe (ID: 996 |ParentID: 820)
C:\WINDOWS\System32\svchost.exe (ID: 1152 |ParentID: 820)
C:\WINDOWS\system32\svchost.exe (ID: 1192 |ParentID: 820)
C:\WINDOWS\Explorer.EXE (ID: 1644 |ParentID: 1608)
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ID: 1704 |ParentID: 820)
C:\WINDOWS\system32\spoolsv.exe (ID: 1912 |ParentID: 820)
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe (ID: 688 |ParentID: 820)
C:\Program Files\Application Updater\ApplicationUpdater.exe (ID: 712 |ParentID: 820)
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (ID: 972 |ParentID: 820)
C:\Program Files\Java\jre6\bin\jqs.exe (ID: 1180 |ParentID: 820)
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (ID: 1228 |ParentID: 820)
C:\WINDOWS\system32\slserv.exe (ID: 396 |ParentID: 820)
C:\WINDOWS\system32\svchost.exe (ID: 456 |ParentID: 820)
C:\Program Files\NETGEAR\WNA3100M\WifiSvc.exe (ID: 524 |ParentID: 820)
C:\WINDOWS\system32\wuauclt.exe (ID: 1368 |ParentID: 1152)
C:\WINDOWS\system32\wbem\wmiapsrv.exe (ID: 2252 |ParentID: 820)
C:\WINDOWS\System32\svchost.exe (ID: 3608 |ParentID: 820)
C:\Program Files\Alwil Software\Avast5\setup\avast.setup (ID: 3644 |ParentID: 1704)

################## | Regedit Run |

04 - HKCU\..\Run : [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
04 - HKCU\..\Run : [Documentation] wscript.exe //B "C:\DOCUME~1\CC\LOCALS~1\Temp\Documentation.vbs"
04 - HKLM\..\Run : [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
04 - HKLM\..\Run : [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
04 - HKLM\..\Run : [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
04 - HKLM\..\Run : [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
04 - HKLM\..\Run : [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\..\Run : [VTTimer] VTTimer.exe
04 - HKLM\..\Run : [SoundMan] SOUNDMAN.EXE
04 - HKLM\..\Run : [PCMService] "c:\Apps\Powercinema\PCMService.exe"
04 - HKLM\..\Run : [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
04 - HKLM\..\Run : []
04 - HKLM\..\Run : [SearchSettings] "C:\Program Files\Fichiers communs\Spigot\Search Settings\SearchSettings.exe"
04 - HKLM\..\Run : [Documentation] wscript.exe //B "C:\DOCUME~1\CC\LOCALS~1\Temp\Documentation.vbs"
04 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\..\Run : []
04 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-20\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-21-3369366591-1348367908-779629615-1006\..\Run : [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
04 - HKU\S-1-5-21-3369366591-1348367908-779629615-1006\..\Run : [Documentation] wscript.exe //B "C:\DOCUME~1\CC\LOCALS~1\Temp\Documentation.vbs"
04 - HKU\S-1-5-18\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE

################## | Recherche générique |

Non supprimé ! C:\Documents and Settings\CC\Menu Démarrer\Programmes\Démarrage\Documentation.vbs
Supprimé! C:\DOCUME~1\CC\LOCALS~1\Temp\Documentation.vbs
Supprimé! C:\WINDOWS\AhnRpta.exe

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKLM\Software\Classes\CLSID\MADOWN
Réparé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA -> 1
Réparé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -> 5
Supprimé! HKU\S-1-5-21-3369366591-1348367908-779629615-1006\Software\Microsoft\Windows\CurrentVersion\Run|Documentation
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Documentation
Supprimé! HKU\S-1-5-21-3369366591-1348367908-779629615-1006\Software\.\.\.\.\Mountpoints2\{049b7150-5672-11de-ab23-00038a000015}
Supprimé! HKU\S-1-5-21-3369366591-1348367908-779629615-1006\Software\.\.\.\.\Mountpoints2\{0f5dabd8-cf8e-11dc-a9d0-00038a000015}
Supprimé! HKU\S-1-5-21-3369366591-1348367908-779629615-1006\Software\.\.\.\.\Mountpoints2\{3216873e-c19a-11da-a6d3-00038a000015}
Supprimé! HKU\S-1-5-21-3369366591-1348367908-779629615-1006\Software\.\.\.\.\Mountpoints2\{472912da-ce35-11de-ab9e-00038a000015}
Supprimé! HKU\S-1-5-21-3369366591-1348367908-779629615-1006\Software\.\.\.\.\Mountpoints2\{5e5b9b6c-e15f-11dd-aa81-00038a000015}
Supprimé! HKU\S-1-5-21-3369366591-1348367908-779629615-1006\Software\.\.\.\.\Mountpoints2\{74c8dea8-d202-11e2-ade0-00038a000015}
Supprimé! HKU\S-1-5-21-3369366591-1348367908-779629615-1006\Software\.\.\.\.\Mountpoints2\{80d99075-93fd-11db-a809-00038a000015}
Supprimé! HKU\S-1-5-21-3369366591-1348367908-779629615-1006\Software\.\.\.\.\Mountpoints2\{a0518d8c-ba73-11dd-aa5d-00038a000015}
Supprimé! HKU\S-1-5-21-3369366591-1348367908-779629615-1006\Software\.\.\.\.\Mountpoints2\{a3d25dcc-b264-11dc-a9ab-00038a000015}
Supprimé! HKU\S-1-5-21-3369366591-1348367908-779629615-1006\Software\.\.\.\.\Mountpoints2\{c14b1f9c-8325-11dd-aa35-00038a000015}
Supprimé! HKU\S-1-5-21-3369366591-1348367908-779629615-1006\Software\.\.\.\.\Mountpoints2\{de7ff00f-4f6e-11dd-aa19-00038a000015}
Supprimé! HKU\S-1-5-21-3369366591-1348367908-779629615-1006\Software\.\.\.\.\Mountpoints2\{ee71c974-af19-11dc-a9a7-00038a000015}
Supprimé! HKU\S-1-5-21-3369366591-1348367908-779629615-1006\Software\.\.\.\.\Mountpoints2\{f84f998a-0b1d-11dd-a9f3-00038a000015}

################## | Listing |

[25/01/2009 - 10:22:04 | DC] - C:\!KillBox
[01/01/2008 - 19:59:36 | DC] - C:\$VAULT$.AVG
[17/05/2012 - 08:38:31 | DC] - C:\10b2b84a50f583f98e
[26/08/2009 - 08:01:21 | DC] - C:\151a6cb6f9895fa7621ba8ee7c86
[22/03/2012 - 00:27:25 | DC] - C:\3e3a74629727b265e4ec536f607d14
[16/05/2012 - 23:41:29 | DC] - C:\421d9dbc0bdfac3b0a0be0
[18/11/2006 - 00:15:34 | DC] - C:\4dbec11710d8890b0c53481eabd5
[08/12/2006 - 00:58:02 | DC] - C:\68ed557daa35f8e55e
[26/04/2012 - 18:50:16 | DC] - C:\8509445f683a9ec47f5a36bab5d0
[10/05/2007 - 11:31:02 | C | 80 Ko] - C:\agentreg.dll.vcd
[06/07/2008 - 21:37:49 | DC] - C:\Anuman Interactive
[24/04/2005 - 14:07:56 | DC] - C:\APPS
[16/06/2009 - 11:33:42 | DC] - C:\audio
[23/10/2007 - 15:05:56 | C | 44 Ko] - C:\bdch.dll.vcd
[09/05/2007 - 10:22:00 | C | 428 Ko] - C:\bdguictl.dll.vcd
[23/10/2007 - 15:05:48 | C | 188 Ko] - C:\bdsubmit.dll.vcd
[23/10/2007 - 15:06:16 | C | 172 Ko] - C:\bdsubmit.exe.vcd
[08/03/2007 - 18:00:42 | C | 60 Ko] - C:\bdutils.dll.vcd
[24/04/2005 - 13:54:04 | C | 0 Ko] - C:\BOOT.BAK
[10/04/2009 - 14:15:04 | RASHC | 0 Ko] - C:\BOOT.INI
[05/08/2004 - 13:00:00 | C | 5 Ko] - C:\Bootfont.bin
[30/12/2013 - 22:59:52 | DC] - C:\CanonMF
[24/04/2005 - 13:58:26 | DC] - C:\cmdcons
[05/08/2004 - 13:00:00 | N | 257 Ko] - C:\cmldr
[31/12/2013 - 00:36:09 | DC] - C:\Config.Msi
[07/10/2008 - 09:58:37 | C | 0 Ko] - C:\CreateMarkers.log
[23/11/2013 - 23:58:33 | DC] - C:\da555b75db8671f987d870
[01/06/2012 - 15:37:54 | DC] - C:\Diskeeper
[24/04/2005 - 14:00:41 | DC] - C:\DIVTOOLS
[31/05/2012 - 08:30:55 | C | 9 Ko] - C:\DkBootTime.log
[03/02/2014 - 21:55:00 | C | 0 Ko] - C:\DkHyperbootSync
[13/11/2008 - 13:52:45 | DC] - C:\Documents and Settings
[28/01/2009 - 15:33:02 | D] - C:\DRIVERS
[24/04/2005 - 13:16:56 | C | 5 Ko | 67887E985716E3C9E1FDF854413BB7D9] - C:\DWNLOG.TXT
[23/03/2007 - 17:50:14 | C | 6 Ko] - C:\getfile.dll.vcd
[03/02/2014 - 21:52:22 | ASH | 982580 Ko] - C:\hiberfil.sys
[14/03/2006 - 16:28:16 | C | 68 Ko] - C:\httpgetf.dll.vcd
[20/09/2005 - 16:37:42 | C | 1 Ko] - C:\INSTALL.LOG
[24/04/2005 - 13:58:29 | RASHC | 0 Ko] - C:\IO.SYS
[06/09/2007 - 22:28:15 | C | 2 Ko] - C:\IPH.PH
[26/11/2008 - 13:16:03 | C | 272 Ko] - C:\livesrv.exe.vcd
[14/10/2005 - 13:13:39 | D] - C:\MEDIA68
[24/04/2005 - 13:58:29 | RASHC | 0 Ko] - C:\MSDOS.SYS
[30/06/2005 - 22:58:03 | RHD] - C:\MSOCache
[24/04/2005 - 14:00:11 | D] - C:\My Music
[24/04/2005 - 14:08:22 | D] - C:\mysql
[05/08/2004 - 13:00:00 | N | 46 Ko | B2DE3452DE03674C6CEC68B8C8CE7C78] - C:\NTDETECT.COM
[25/11/2008 - 16:38:09 | RASH | 246 Ko] - C:\ntldr
[06/10/2009 - 09:43:42 | DC] - C:\Output Files
[03/02/2014 - 21:52:19 | ASH | 917504 Ko] - C:\pagefile.sys
[06/01/2011 - 23:31:52 | DC] - C:\pdfOCR
[19/09/2010 - 23:03:16 | DC] - C:\PDFOCR_Output
[24/04/2005 - 13:16:30 | D] - C:\PNP
[31/01/2007 - 15:07:52 | C | 80 Ko] - C:\procinf.dll.vcd
[03/02/2014 - 15:36:42 | D] - C:\Program Files
[17/07/2008 - 15:16:15 | D] - C:\Psfonts
[13/11/2008 - 13:55:50 | SHD] - C:\RECYCLER
[23/12/2004 - 10:25:44 | C | 0 Ko | A5A45B9FFD2216FF9F762B1E979A8833] - C:\SAUDIT.TXT
[14/11/2008 - 11:02:46 | C | 0 Ko] - C:\sqmdata00.sqm
[14/11/2008 - 14:36:48 | C | 0 Ko] - C:\sqmdata01.sqm
[14/11/2008 - 14:41:19 | C | 0 Ko] - C:\sqmdata02.sqm
[15/11/2008 - 11:27:06 | C | 0 Ko] - C:\sqmdata03.sqm
[15/11/2008 - 11:38:09 | C | 0 Ko] - C:\sqmdata04.sqm
[06/10/2008 - 15:41:06 | C | 0 Ko] - C:\sqmdata05.sqm
[07/10/2008 - 09:59:47 | C | 0 Ko] - C:\sqmdata06.sqm
[16/10/2008 - 14:11:11 | C | 0 Ko] - C:\sqmdata07.sqm
[23/10/2008 - 20:58:31 | C | 0 Ko] - C:\sqmdata08.sqm
[24/10/2008 - 01:03:08 | C | 0 Ko] - C:\sqmdata09.sqm
[25/10/2008 - 01:43:49 | C | 0 Ko] - C:\sqmdata10.sqm
[26/10/2008 - 13:15:47 | C | 0 Ko] - C:\sqmdata11.sqm
[26/10/2008 - 22:57:12 | C | 0 Ko] - C:\sqmdata12.sqm
[29/10/2008 - 12:47:59 | C | 0 Ko] - C:\sqmdata13.sqm
[01/11/2008 - 11:29:54 | C | 0 Ko] - C:\sqmdata14.sqm
[03/11/2008 - 20:45:13 | C | 0 Ko] - C:\sqmdata15.sqm
[04/11/2008 - 15:11:58 | C | 0 Ko] - C:\sqmdata16.sqm
[05/11/2008 - 23:59:54 | C | 0 Ko] - C:\sqmdata17.sqm
[06/11/2008 - 13:28:57 | C | 0 Ko] - C:\sqmdata18.sqm
[08/11/2008 - 14:16:29 | C | 0 Ko] - C:\sqmdata19.sqm
[14/11/2008 - 11:02:46 | C | 0 Ko] - C:\sqmnoopt00.sqm
[14/11/2008 - 14:36:48 | C | 0 Ko] - C:\sqmnoopt01.sqm
[14/11/2008 - 14:41:19 | C | 0 Ko] - C:\sqmnoopt02.sqm
[15/11/2008 - 11:27:06 | C | 0 Ko] - C:\sqmnoopt03.sqm
[15/11/2008 - 11:38:08 | C | 0 Ko] - C:\sqmnoopt04.sqm
[06/10/2008 - 15:41:06 | C | 0 Ko] - C:\sqmnoopt05.sqm
[07/10/2008 - 09:59:47 | C | 0 Ko] - C:\sqmnoopt06.sqm
[16/10/2008 - 14:11:11 | C | 0 Ko] - C:\sqmnoopt07.sqm
[23/10/2008 - 20:58:31 | C | 0 Ko] - C:\sqmnoopt08.sqm
[24/10/2008 - 01:03:08 | C | 0 Ko] - C:\sqmnoopt09.sqm
[25/10/2008 - 01:43:49 | C | 0 Ko] - C:\sqmnoopt10.sqm
[26/10/2008 - 13:15:47 | C | 0 Ko] - C:\sqmnoopt11.sqm
[26/10/2008 - 22:57:12 | C | 0 Ko] - C:\sqmnoopt12.sqm
[29/10/2008 - 12:47:59 | C | 0 Ko] - C:\sqmnoopt13.sqm
[01/11/2008 - 11:29:54 | C | 0 Ko] - C:\sqmnoopt14.sqm
[03/11/2008 - 20:45:13 | C | 0 Ko] - C:\sqmnoopt15.sqm
[04/11/2008 - 15:11:58 | C | 0 Ko] - C:\sqmnoopt16.sqm
[05/11/2008 - 23:59:54 | C | 0 Ko] - C:\sqmnoopt17.sqm
[06/11/2008 - 13:28:57 | C | 0 Ko] - C:\sqmnoopt18.sqm
[08/11/2008 - 14:16:29 | C | 0 Ko] - C:\sqmnoopt19.sqm
[28/06/2005 - 14:26:22 | SHD] - C:\System Volume Information
[20/12/2010 - 21:48:10 | D] - C:\temp
[08/02/2007 - 17:07:04 | C | 108 Ko] - C:\txmlx.dll.vcd
[08/02/2007 - 17:14:26 | C | 40 Ko] - C:\txtools.dll.vcd
[24/05/2001 - 11:59:30 | C | 159 Ko | 3A938ED2427DF10E571041069E6980CB] - C:\UNWISE.EXE
[23/03/2007 - 17:14:10 | C | 172 Ko] - C:\upgrepl.exe.vcd
[03/02/2014 - 20:07:16 | DC] - C:\UsbFix
[03/02/2014 - 22:13:59 | AC | 13 Ko | C6393E83B8BC9D49AC9DF9CCBB92E4F9] - C:\UsbFix [Clean 2] CÉLINE.txt
[03/02/2014 - 20:29:41 | C | 7 Ko | D62A8F4BF868184987E08E985764C375] - C:\UsbFix [Scan 1] CÉLINE.txt
[03/02/2014 - 22:13:04 | D] - C:\WINDOWS
[15/08/2007 - 14:26:00 | C | 92 Ko] - C:\wslib.dll.vcd
[26/11/2008 - 13:16:02 | C | 56 Ko] - C:\wspack.dll.vcd
[23/10/2007 - 11:22:24 | C | 192 Ko] - C:\zlib.dll.vcd
[20/09/2010 - 00:25:15 | C | 1 Ko | A850EA3DD1F137BA335E16B3D1170077] - C:\_Sid.txt

################## | Vaccin |


################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |
